Full Lunar Eclipse | STEM Monster | CS 450 | Careers | About
Coming Soon!!!! --- Online Counseling to Computer Science Students at LAMC
Prepare yourself for high-value jobs in this state and around the globe.
U.S. Targets Overseas Cyberattackers With Sanctions Program
Reuters (04/02/15) Jeff Mason; Andrea Shalal U.S. President Barack Obama on Wednesday signed an executive order allowing economic sanctions to be used against individuals or groups outside of the U.S. that carry out cyberattacks against U.S. interests. The action allows the U.S. Treasury Department to add such groups or individuals to the official sanctions list of designated nationals, which would have the effect of freezing their assets and barring U.S. financial institutions from doing business with them. According to the president, the new order enables sanctions to be used against those that use cyberattacks to harm critical infrastructure, misappropriate funds, steal trade secrets, or disrupt computer networks, which would include companies using cyber means to carry out industrial espionage. "From now on, we have the power to freeze their assets, make it harder for them to do business with U.S. companies, and limit their ability to profit from their misdeeds," Obama says. However, some observers warn the new order is worded too broadly, especially in light of how difficult it can be to determine the identity of a cyberattacker. Mark Rasch, a former Justice Department lawyer, says the order could create "a compliance nightmare for companies."
View Full Article
Googlers' Epic Hack Exploits How Memory Leaks Electricity
The increasing density of transistors in memory chips has raised concerns that electromagnetic leakage within the chips could cause unpredictable behavior. Now, a team of Google researchers has demonstrated a method of inducing such leakage to purposefully corrupt portions of the dynamic random access memory (DRAM) of certain laptops and bypass security protections. In a post on Google's Project Zero blog, the researchers describe using what is known as the "Rowhammer" technique to create security exploits. Rowhammering involves running a program designed to target a certain row of transistors in a computer's memory with the goal of inducing electromagnetic leakage that will cause the bits in the next row of memory to be flipped. The researchers found they could use the Rowhammer technique to carry out privilege escalation attacks and that such attacks could be launched from a malicious website. However, the researchers note they used only laptops running Linux, and of those only half were susceptible to the Rowhammer attacks. In addition, many computers already use DRAM that has error-correcting features that would render a Rowhammer attack useless. Google has released a tool enabling users to test their computers to see if they are vulnerable to a Rowhammer attack, and is urging memory makers to address the problem.
FCC Net Neutrality Rules Clear Hurdle as Republicans Concede to Obama Concede to Obama
The U.S. Federal Communications Commission (FCC) on Thursday is expected to approve new rules that would regulate Internet service like a public utility, which would represent the biggest policy shift since the Internet became a reality. The decision is a victory for numerous Internet companies, who mobilized last year after it seemed likely the FCC would pass regulations that some say would have allowed Internet service providers (ISPs) to create so-called "fast lanes," charging extra to companies for better access to end-users. These companies and others advocated for net neutrality and over the last year more individuals have sided with them, including President Barack Obama, who last November called on the FCC to regulate Internet service as a public utility. The FCC's new regulations would allow the agency to regulate Internet service as a public good and ban the creation of fast lanes. It also would ban the intentional slowing, or throttling, of any company's traffic by broadband providers and give the FCC greater authority to directly regulate Internet providers. Although lawmakers opposed to the plan are not expected to pass legislation to undo the regulations, ISPs and others likely will challenge the rules in court, which could delay their implementation.
Crowdsourcing America's Cybersecurity Is an Idea So Crazy It Might Just Work
Crowdsourced cybersecurity is a concept gaining ground, and its practical application would involve free, transparent sharing of computer code used to identify cyberthreats between the public and private sectors. One example initiated last December was the U.S. Army Research Lab's addition of the free Dshell forensic analysis network to the popular GitHub code sharing website. The Lab's William Glodek says the shared code would "help facilitate the transition of knowledge and understanding to our partners in academia and industry who face the same problems." Glodek also wants to "give back to the cyber community, while increasing collaboration between the Army, the Department of Defense, and external partners to improve our ability to detect and understand cyberattacks." Such efforts could be complemented with more recruitment of white hat hackers into the government's cybersecurity programs, while Silicon Valley could play a key role in the crowdsourcing of intelligence threats. Successful cybersecurity crowdsourcing will need to overcome pitfalls such as the risk that such openness might lead to enemy infiltration of government cyberdefense systems. Another issue is people's distrust of the intelligence community as fallout from the U.S. National Security Agency surveillance scandal.
Western Spy Agencies Secretly Rely on Hackers for Intel and Expertise
Documents provided by former U.S. National Security Agency contractor Edward Snowden detail the efforts of the U.S., Canadian, and U.K. intelligence agencies to spy on the espionage activities of hacker groups and to monitor chatter in the hacker and security spaces. One document details the efforts of Communications Security Establishment Canada and Menwith Hill Station to exploit "a target-rich data set being stolen by hackers." The document dubs the hacker's email-stealing intrusion set INTOLERANT and says the intelligence agency suspects the group is backed by a state actor. INTOLERANT spied on diplomatic corps, human-rights activists, and journalists, largely in China, India, and Afghanistan, and the intelligence agency spied on INTOLERANT, gathering up the data it was stealing. Another document outlines the U.K. Government Communications Headquarters (GCHQ) program LOVELY HORSE, the purpose of which is to monitor and index public discussion among hackers on Twitter and other social media. Another GCHQ document details efforts to monitor and collect information from open source sites, including blogs, websites, chat venues, and Twitter, as well as IRC chat rooms and Pastebin pages. One note in the documents about hacker collective Anonymous reveals the intelligence agencies consider the group to be only a minor threat. View Full Article | Share
Performance Tuning your PC
Cyber Patriots March High Schools
San Diego Mayors Cup December
Linux Expo Feb 2016
Images creative commons license. Content Association of Computational Machnery News Service